PROJECT RISK MGT

1. PLAN RISK MGT

1.1. Inputs

1.1.1. Proj Charter / PMP /Prj Docs (SH Regis) / EEF / OPA

1.2. T&T

1.2.1. Expert J, / Data Analy (S H analysis) / Meeting (kick off)

1.3. Output

1.3.1. Risk Mgt Plan

1.3.1.1. How risk management activities will be structured and performed

1.3.1.1.1. Risk Strategy

1.3.1.1.2. Methodology

1.3.1.1.3. Roles n responsibility

1.3.1.1.4. Funding

1.3.1.1.5. Timing (Project Life cycle)

1.3.1.1.6. Risk Categories

1.3.1.2. determining risk methodology +risk strategy

2. Perform Qualitative Risk Analysis

2.1. prioritizing individual project risks for further analysis

2.2. Probability + impact analysis

2.2.1. Probability & impact matrix

2.3. Subjective analysis/quality assesment

2.4. Focus on high priority risk

2.5. Agile - before start of every iteration

2.6. foundation for Perform Quantitative Risk Analysis

2.7. T& T

2.7.1. Expert Judg.

2.7.2. Data Gathering

2.7.3. Data Analysis

2.7.3.1. Risk data quality assessment

2.7.3.1.1. accurate and reliable

2.7.3.2. Risk probability and impact assessment

2.7.3.2.1. likelihood that a specific risk will occur.

2.7.3.3. Assessment of other risk parameters

2.7.3.3.1. Urgency -speed with which you would have to do something about the risk/ which a response to the risk is to be implemented - short period -.> high risk

2.7.3.3.2. :Proximity -

2.7.3.3.3. Manageability - how easily handle the impact

2.7.3.3.4. Controllability -degree to control d impact

2.7.3.3.5. Detectability :

2.7.3.3.6. Connectivity :Higher -.> higher risk

2.7.3.3.7. Strategic impact -

2.7.3.3.8. Propinquity - very close to the heart of someone

2.7.3.3.9. Dormancy - How soon do we feel

2.7.4. Interpersonal & Team skill

2.7.4.1. Facilitation

2.7.4.1.1. Skilled facilitator -

2.7.5. Risk Categorisation

2.7.5.1. RBS

2.7.5.1.1. Grouping risks into categories

2.7.6. Data representation

2.7.6.1. Probability and impact matrix

2.7.6.2. Hierarchical charts.

2.8. OUTPUT

2.8.1. Project documents update

2.8.1.1. Assumption log/issue log/risk register/ risk report

2.9. Risk Categorization

2.9.1. Known Known

2.9.1.1. Know for sure

2.9.2. Known Unknown

2.9.2.1. Bad weather

2.9.3. Unknown known

2.9.4. Unknown Known

2.9.4.1. Surprise

3. Implement Risk Response

4. Monitor Risk

4.1. tracking identified risks, identifying and analyzing new risks, and evaluating risk process

4.2. INPUTS

4.2.1. PMPln

4.2.2. Proj Docs

4.2.3. WPI

4.2.3.1. project status

4.2.4. WPR

4.3. T&R

4.3.1. Audits

4.3.2. Meetings

4.4. OUTPUT

4.4.1. WPI

4.4.2. Change Request

4.4.3. PMPln Updates

4.4.4. OPA s update

5. What is Risk

5.1. Uncertain event

5.2. Positive / Negative impact

5.2.1. Positive Impact

5.2.1.1. Oppotunitiy

5.2.2. Negative impact

5.2.2.1. Threat

5.3. Even Based Risk

5.3.1. a key seller may go out / Cus may change the requirement

5.4. Non event based Risk

5.4.1. Variability Risk

5.4.1.1. Uncertainty exists - planned event or activity or decision.

5.4.1.1.1. the number of errors found during testing may be higher or lower than expected

5.4.1.1.2. unseasonal weather conditions

5.4.1.2. addressed using Monte Carlo analysis

5.4.1.2.1. productivity may be above or below target,

5.4.2. Ambiguity Risk

5.4.2.1. Uncertainty exists -what might happen in the future

5.4.2.1.1. future developments in regulatory frameworks

5.4.2.1.2. inherent systemic complexity in the project

5.4.3. Emergent Risk

5.4.3.1. addressed through incremental development, prototyping, or simulation

5.4.3.2. risks that can only be recognized after they have occurred.

5.4.3.2.1. Project resilience

5.4.3.3. Integrated Risl Mgnt

5.4.3.3.1. how well an organization manages its unique set of risks.

6. KEY CONCEOTS

6.1. Individual Pr.Risk

6.1.1. effect on one or more project objectives.

6.2. Overall Pr. Risk

6.2.1. effect of uncertainty on the project as a whole

6.3. Non event Risk

6.4. Project Resilience

6.5. Integrated Risk Mgt

6.6. S/H Risk appetite

6.7. Risk Probability & Impact Matrix

6.7.1. numeric values P * I

6.7.2. which allows the relative priority of individual risks to be evaluated within each priority level

6.7.3. What does /low/moderate/high risk mean in terms of impacts on project?

6.8. SWOT Analysis

6.9. Prompt List

6.9.1. predetermined list of risk categories that might give rise to individual project risk

6.9.2. lowest level of the risk breakdown structure

6.9.3. PESTLE - political, economic, social, technological, legal, environmental)

6.9.4. TECOP

6.10. Risk Register

6.11. Risk Report

6.12. Simulation

6.13. Sensitivity Analysis

6.14. Decision Tree Analysis

6.15. Influence Diagram

6.16. (specified range of acceptable results)

6.17. Risk Appetite

6.17.1. Degree of uncertainty willing to take

6.18. Risk Tolerance

6.19. Risk Threshold

6.19.1. The level of risk exposure above which risks are addressed

6.19.2. Below Risk thre- Org will accept d risk

6.19.3. Above R/Thre - Org will not tolerate d risk

6.20. Risk Breakdown Structure (RBS)

6.20.1. A hierarchical representation of potential sources of risks.

7. Management Aim

7.1. Positive Risk /Opportunities - Enhance /Exploite

7.2. Negative Risk / Threat - Mitigate / Avoid

7.3. To keep project risk exposure within an acceptable range

7.4. reducing drivers of negative variation,

7.5. promoting drivers of positive variation

7.6. maximizing the probability of achieving overall project objectives

7.7. should be conducted iteratively

7.8. the project stays on track and emergent risks are addressed.

8. Risk Tailoring

8.1. Project size

8.2. Project complexity

8.2.1. high levels of innovation, new technology, commercial arrangements, interfaces, or external dependencies that increase project complexity

8.3. Project importance

8.4. Development approach.

8.4.1. waterfall project

8.4.1.1. sequentially and iteratively

8.4.2. agile

8.4.2.1. start of each iteration (Identify /analyze/ manage

8.4.2.2. during execution

8.4.2.3. adaptive approaches

9. Risk Factors

9.1. Probability

9.1.1. % risk may occur

9.2. Impact

9.2.1. Range of possible outcome

9.3. Timing

9.4. Frequesncy

9.4.1. How often

10. IDENTIFY RISK

10.1. Identify + documentation of existing individual project risks and the sources of overall project risk

10.1.1. throughout the project / Iterative

10.1.2. project manager, project team members, project risk specialist (if assigned), customers, subject matter experts from outside the project team, end users, other project managers, operations managers, stakeholders, and risk management experts within the organization.

10.1.3. Nominate Risk Owners

10.2. Inputs

10.2.1. PM Pln - Requrmt. ; Schedule; Cost mgt ; Resource : risk ; scope+schedule+cost baseline ; /Pro. Docs (SH Regis) / Agreements / EEF / OPA

10.2.2. Project Doc

10.2.2.1. SH Reg / Risk Report / Issue Log / Requit. Doc / Assumpt Log

10.2.3. Agreements

10.2.4. Procurement doc

10.2.4.1. seller performance reports, approved change requests and information on inspections.

10.3. T&T

10.3.1. Expert J, / Data Analy (S H analysis) / Meeting (kick off)

10.3.2. Data Analy

10.3.2.1. Brainstorming (a comprehensive list of individual project risks a)

10.3.2.2. Chk list

10.3.2.2.1. similar completed projects,

10.3.2.2.2. list of items, actions, or points /Reminder

10.3.2.3. Interview

10.3.2.3.1. experienced project participants, stakeholders, and subject matter experts ; Trust / Encourage

10.3.2.4. Root Cause Analyses

10.3.2.4.1. causes -lead to a problem, and develop preventive action.

10.3.2.5. SWOT analys,

10.3.3. Interpersonal & team skills

10.3.3.1. Facilitation

10.3.4. Prompt list

10.3.4.1. Prompt List

10.3.4.1.1. predetermined list of risk categories that might give rise to individual project risk

10.3.4.1.2. lowest level of the risk breakdown structure

10.3.4.1.3. PESTLE - political, economic, social, technological, legal, environmental)

10.3.4.1.4. TECOP

10.3.4.1.5. VUCA

10.3.5. Meeting / risk workshop

10.3.6. Agreements

10.3.6.1. milestone dates, contract type, acceptance criteria, and awards and penalties

10.3.7. Interview

10.3.7.1. experienced project participants, stakeholders, and subject matter experts

10.4. Output

10.4.1. Risk Register

10.4.1.1. Identified individual project risks

10.4.1.2. Perform Qualitative Risk Analysis, Plan Risk Responses, Implement Risk Responses, and Monitor Risks

10.4.1.3. identified risks, Potential risk owner and List of potential risk responses

10.4.1.4. short risk title, risk category and status, risk triggers, WBS reference and timing information

10.4.2. Risk Report

10.4.2.1. explains the overall project risks and provides summaries about the individual project risks

10.4.2.2. overall project risk, together with summary information on identified individual project risks

10.4.3. Assumption Log

11. Perform Quantitative Risk Analysis

11.1. quantifies overall project risk exposure

11.2. not required for every project,

11.3. additional quantitative risk information

11.4. T&T

11.4.1. Simulation (Montecarlo analysis)

11.4.1.1. When significant uncertainty -need to make an estimate/forecast /decision where there is

11.4.1.1.1. Computer aid analysis

11.4.2. Sensitivity Analysis (Tornado diagram)

11.4.2.1. to determine which individual project risks or other sources of uncertainty - most potential impact

11.4.2.1.1. which risks have the most potential impact on the project.

11.4.2.1.2. The longer the bar, High sensitive the risk.

11.4.2.1.3. largest impact on the top /least impact on the bottom.

11.4.3. Decision Tree analysis

11.4.3.1. to support selection of the best of several alternative

11.4.4. Influence diagram

11.4.4.1. check the dependencies of tasks on each other

11.4.5. EMV= I * P

11.4.5.1. to quantify risks and calculate the contingency reserve.

11.4.5.2. The sum of the EMV of all events is the contingency reserve.

12. Plan Risk Response

12.1. how to make a proper response to a risk

12.1.1. minimize individual threats, /maximize individual opportunities/ reduce overall project risk exposure

12.1.2. appropriate

12.1.3. cost-effective

12.1.4. realistic

12.1.5. agreed upon by all parties involved,

12.1.6. owned by a responsible person

12.2. INPUTS

12.2.1. PM Pln

12.2.1.1. Resource management plan

12.2.1.1.1. how resources allocated to agreed-upon risk responses

12.2.1.2. Risk management plan

12.2.1.2.1. Risk management roles and responsibilities

12.2.1.2.2. risk thresholds

12.2.1.2.3. Cost baseline

12.2.2. Project documents

12.2.2.1. Lessons learned register

12.2.2.1.1. effective risk responses used

12.2.2.1.2. reviewed to determine if similar responses

12.2.2.2. Project schedule

12.2.2.2.1. how agreed-upon risk responses will be scheduled alongside other project activities.

12.2.2.3. Project team assignments

12.2.2.3.1. resources that can be allocated to agreed-upon risk responses

12.2.2.4. Resource calendars.

12.2.2.4.1. resources availability- to be allocated to agreed-upon risk responses

12.2.2.5. Risk register

12.2.2.5.1. identified and prioritized,-individual risk

12.2.2.5.2. which risk responses are required

12.2.2.5.3. nominated risk owner for each risk

12.2.2.6. Risk report.

12.2.2.6.1. current level of overall risk exposure

12.2.2.6.2. Prioritized individual project risks

12.2.2.7. Stakeholder register.

12.2.2.7.1. potential owners for risk responses.

12.3. T&T

12.3.1. STRATEGIES

12.3.1.1. OPPORTUNITIES

12.3.1.1.1. Exploite

12.3.1.1.2. Enhance

12.3.1.1.3. Share

12.3.1.1.4. Accept

12.3.1.2. THREATS

12.3.1.2.1. Avoid

12.3.1.2.2. Mitigate.

12.3.1.2.3. Transfer

12.3.1.2.4. Escalate (Programme/portfolio/other)

12.3.1.2.5. Accept

12.4. OUTPUT

12.4.1. Change request

12.4.1.1. cost and schedule baselines or other components of the project management plan

12.4.2. PMPln updates

12.4.3. Project Doc updates